summaryrefslogtreecommitdiffstats
path: root/site/public/register-docs/index.html
diff options
context:
space:
mode:
authorYigit Sever2021-04-15 13:35:06 +0300
committerYigit Sever2021-04-15 13:35:06 +0300
commit77b99f7d3a8747f562f2b8f1e8df551aafea1b28 (patch)
tree8c02f0fc3e463439f5d05653a3f1052caa2138ed /site/public/register-docs/index.html
parentcd6839a3c6596f5e4197c6696b95efbf0c76d2ca (diff)
downloadgradecoin-77b99f7d3a8747f562f2b8f1e8df551aafea1b28.tar.gz
gradecoin-77b99f7d3a8747f562f2b8f1e8df551aafea1b28.tar.bz2
gradecoin-77b99f7d3a8747f562f2b8f1e8df551aafea1b28.zip
Remove lorems and inpsumses
Diffstat (limited to 'site/public/register-docs/index.html')
-rw-r--r--site/public/register-docs/index.html75
1 files changed, 27 insertions, 48 deletions
diff --git a/site/public/register-docs/index.html b/site/public/register-docs/index.html
index e3170f9..9a9b0c0 100644
--- a/site/public/register-docs/index.html
+++ b/site/public/register-docs/index.html
@@ -75,12 +75,6 @@
75 </div> 75 </div>
76 76
77 77
78 <div class="toc-item-child">
79 <a class="subtext" href="https://gradecoin.xyz/register-docs/#gradecoin-side"><small>- Gradecoin Side</small></a>
80 </div>
81
82
83
84 </div> 78 </div>
85 </div> 79 </div>
86 80
@@ -89,53 +83,38 @@
89 <div class="content text"> 83 <div class="content text">
90 84
91<div class="heading-text">Register Documentation</div> 85<div class="heading-text">Register Documentation</div>
92<p>POST request to /register endpoint 86<p>POST request to /register endpoint</p>
93Lets a [<code>User</code>] (=student) to authenticate themselves to the system 87<p>Lets a user to authenticate themselves to the system.
94This <code>request</code> can be rejected if the payload is malformed (=not authenticated properly) or if 88Only people who are enrolled to the class can open Gradecoin accounts.
95the [<code>AuthRequest.user_id</code>] of the <code>request</code> is not in the list of users that can hold a Gradecoin account</p> 89This is enforced with your Student ID and a one time password you will receive.</p>
96<h1 id="authentication-process">Authentication Process</h1> 90<h1 id="authentication-process">Authentication Process</h1>
97<ul> 91<ul>
98<li> 92<li>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on our Moodle page.</li>
99<p>Gradecoin's Public Key (<code>gradecoin_public_key</code>) is listed on moodle.</p> 93<li>You pick a short temporary key (<code>k_temp</code>)</li>
100</li> 94<li>Create a JSON object (<code>auth_plaintext</code>) with your <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>) <a href="https://tls.mbed.org/kb/cryptography/asn1-key-structures-in-der-and-pem">reference</a></li>
101<li>
102<p>Gradecoin's Private Key (<code>gradecoin_private_key</code>) is loaded here</p>
103</li>
104<li>
105<p>Student picks a short temporary key (<code>k_temp</code>)</p>
106</li>
107<li>
108<p>Creates a JSON object (<code>auth_plaintext</code>) with their <code>metu_id</code> and <code>public key</code> in base64 (PEM) format (<code>S_PK</code>):
109{
110student_id: &quot;e12345&quot;,
111passwd: &quot;15 char secret&quot;
112public_key: &quot;---BEGIN PUBLIC KEY...&quot;
113}</p>
114</li>
115<li>
116<p>Encrypts the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code> TODO should this be base64'd?</p>
117</li>
118<li>
119<p>The temporary key student has picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme
120using sha256 with <code>gradecoin_public_key</code> (TODO base64? same as above), giving us <code>key_ciphertext</code></p>
121</li>
122<li>
123<p>The payload JSON object (<code>auth_request</code>) can be JSON serialized now:
124{
125c: &quot;auth_ciphertext&quot;
126key: &quot;key_ciphertext&quot;
127}</p>
128</li>
129</ul> 95</ul>
130<h2 id="gradecoin-side">Gradecoin Side</h2> 96<pre style="background-color:#ffffff;">
97<code class="language-json" data-lang="json"><span style="color:#545052;">{
98 &quot;</span><span style="color:#009854;">student_id</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">e12345</span><span style="color:#545052;">&quot;,
99 &quot;</span><span style="color:#009854;">passwd</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">15 char secret</span><span style="color:#545052;">&quot;,
100 &quot;</span><span style="color:#009854;">public_key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">---BEGIN PUBLIC KEY...</span><span style="color:#545052;">&quot;
101}
102</span></code></pre>
131<ul> 103<ul>
132<li>Upon receiving, we first RSA decrypt with OAEP padding scheme using SHA256 with <code>gradecoin_private_key</code> as the key and auth_request.key <code>key</code> as the ciphertext, receiving <code>temp_key</code> (this is the temporary key chosen by stu</li> 104<li>Pick a random IV.</li>
133<li>With <code>temp_key</code>, we can AES 128 Cbc Pkcs7 decrypt the <code>auth_request.c</code>, giving us 105<li>Encrypt the serialized string of <code>auth_plaintext</code> with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (<code>k_temp</code>), the result is <code>auth_ciphertext</code>. Encode this with base64.</li>
134auth_plaintext</li> 106<li>The temporary key you have picked <code>k_temp</code> is encrypted using RSA with OAEP padding scheme
135<li>The <code>auth_plaintext</code> String can be deserialized to [<code>AuthRequest</code>]</li> 107using SHA-256 with <code>gradecoin_public_key</code>, giving us <code>key_ciphertext</code>. Encode this with base 64.</li>
136<li>We then verify the payload and calculate the User fingerprint</li> 108<li>The payload JSON object (<code>auth_request</code>) can be serialized now:</li>
137<li>Finally, create the new [<code>User</code>] object, insert to users HashMap <code>&lt;fingerprint, User&gt;</code></li>
138</ul> 109</ul>
110<pre style="background-color:#ffffff;">
111<code class="language-json" data-lang="json"><span style="color:#545052;">{
112 &quot;</span><span style="color:#009854;">c</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">auth_ciphertext</span><span style="color:#545052;">&quot;,
113 &quot;</span><span style="color:#009854;">iv</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">hexadecimal</span><span style="color:#545052;">&quot;,
114 &quot;</span><span style="color:#009854;">key</span><span style="color:#545052;">&quot;: &quot;</span><span style="color:#009854;">key_ciphertext</span><span style="color:#545052;">&quot;
115}
116</span></code></pre>
117<p>If your authentication process was valid, you will be given access and your public key fingerprint that is your address.</p>
139 118
140 119
141 </div> 120 </div>